Sei sulla pagina 1di 22

Afaria 6.

6 FP1 A closer look

Some more details on the new features in 6.6 & FP1 iPhone iOS 4 MDM A closer look at the beta!

Afaria 6.6 & 6.6 FP1 New Features

Android Client Inventory
Hardware and Software inventory of devices License Manager support for tracking software licensing

Configuration of WiFi settings More to follow as OS APIs support available

Remote Wipe/Lock/Unlock
Ability to trigger Wipe, Lock or Unlock of device from Afaria console

Password Policies
Policy control of password enforcement, format, # failed attempts etc.

Session Manager
Send, Get, Delete, Copy and logic commands supported within our program space on device

Exchange Access Control

Block email access for unmanaged devices

Afaria 6.6 & 6.6 FP1 New Features

Roaming Controls for Win-Mobile and Symbian Windows Mobile
Configuration manager options when roaming to Disable data/email attachments/Afaria scheduled or manual connections/IMAP & POP3 email when roaming Display message to end user New Roaming Monitor to trigger custom actions when device roams

Configuration Manager options to Disable data connections/Afaria scheduled or manual connections Display message to end user New Roaming Monitor to trigger custom actions when device roams

Afaria 6.6 & 6.6 FP1 New Features

OMA DM OMA DM policy file (DDF) import option
Easier to support new functionality from new DDFs without building XML from scratch

Windows Mobile Management Update Updated UI look and feel Software Manager enhancements More installation control options around silent install, soft reset of device, CAB status etc. Kill process option Server Infrastructure updates Windows 2008 R2 64-bit server support SQL 2008 Support Updated installation process

iPhone Device Management


80% of the Fortune 100 companies in the US now actively piloting or deploying iPhone. In September 2009, 16% of US information workers used iPhones for work, even at the world's largest organizations.* By the end of 2009, Apple was estimated to have sold: Two million iPhones to corporate accounts Another five million iPhones were estimated to be in mixed business use by individuals.**
*Forrester Blogs. Ted Schadler, January 27, 2010 ** Apple Insider:


New MDM protocol native in iOS 4 provides enterprise-grade device management
iOS handles all MDM requests and actions in the background using a single connection Maintains end user experience as device is managed without user interaction after initial provisioning Policies installed are confirmed back to the server providing compliance assurance Uses the Apple Push Notification Service (APNS) to deliver management to the device

MDM Capabilities
Install/remove device configuration policies without user interaction Query comprehensive software and hardware inventory and asset tracking information Detect jail broken status Remote erase, lock and clear passcode

If MDM relationship is terminated, managed applications are disabled, configuration data is removed from the device and managed Exchange account information and data is removed Once a MDM relationship is established only that entity can manage the device using MDM protocol

DMZ Provisioning Process Provision & Send MDM Payload Device Association w/Server Opt in User Action


Apple Push Notification Service


Server Communication Ongoing Management


(AFARIA 6.5 FP2)
Basic support for iOS4 and iPhone/iPad 3.x OS Lockable configuration policies for OTA distribution to iPhones Integrated iPhone management into the Afaria console Trust relationship between the Afaria system and iPhones client devices to allow profiles (policies) to be set by the administrator Exchange Access Control support Remote kill for iPhone and iPad through Exchange. New Afaria client with jail break detection


(AFARIA 6.6 FP1)
Manage the Device Without User Interaction
Deliver and remove device policies behind the scenes through a trusted relationship

Accurate and Up to Date Asset Tracking Data

Device Information, Device Network Information ,Security Information, Installed Profile List, Installed 3rd party applications, certificate list, and applied restrictions

Enterprise Application Deployment

Over the air enterprise applications delivered directly to the device

iPhone End User Experience

Easy provisioning process Select and download suggested applications

Corporate Security
Remotely lock and wipe device or enterprise applications and data Ensure corporate security policies are enforced on the device Gate access to corporate assets based upon device compliance

Manage Multiple Platforms with a Single Solution

iOS, Android, WM, Symbian, Palm, Windows iOS policy configuration integrated into the Afaria console


Enables the secure provisioning and management of iPhone deployments in the enterprise
Advanced Policy Management

Enterprise App Deployment

Corporate Security

Accurate Asset Tracking

Afaria Client


Delivers enterprise in-house apps OTA, providing distribution control and reliable delivery Allows users to download both enterprise and suggested apps through Afaria client portal on the device Provides security for IT while maintaining user independence
Enterprise apps can be managed separately from user applications Ability to revoke application usage remotely

Allows authorized apps to be assigned by user groups Supports both 'required' and 'optional' models for package deployment Enables tracking and reporting of enterprise package installation


Removable Policies
Configuration profiles can be installed and removed by the IT administrator

Remote Lock, Erase and Reset No User Interaction

Native commands from the console

Deliver and remove device policies behind the scenes

MDM Relationship

Termination causes removal of managed applications Configuration data and Managed Exchange account information and data iOS, Android, WM, Symbian, Palm and Windows

Multiple Platforms One Console


Passcode Settings
Require Passcode Allow Simple Value Require Alphanumeric Value Minimum Passcode Length Minimum Complex Characters Maximum Number of Failed Attempts device is wiped Maximum Passcode Age in Days Passcode Lock in minutes Grace Period for device lock Passcode History

WIFI Settings
Service Set Identifier - SSID of the wireless network Hidden Network Security Type Password Accepted EAP Types EAP-FAST Protected Access Authentication Settings Identity Certificate Certificates for validating the authentication server for the Wi-Fi connection. Trusted authentication servers Allow Trust Exceptions SSID Hidden Network Encryption Type

Allow Explicit Content Allow Use of Safari Allow Use of YouTube Allow Use of iTunes Allow Installing Apps Allow Use of Camera Allow Screen Capture Allow Voice Dialing Force Encrypted Backups Allow Multiplayer Games Set Safari Security Preferences Force Fraud Warning Allow Java Script Allow Pop Ups Accept Cookies Allow inApp Purchaces Content Rating Disable Push while Roaming

Account Name Exchange Active Sync Host User Email Address Use SSL Domain Password Credential Name Number of Past Days to Sync User is prompted for values not set

VPN Settings

Account Description Account Type IMAP or POP Path Prefix Account Name Email Address Mail Server and Port Username Use Password Authentication Use SSL Incoming Username Outgoing Username

LDAP/CalDAV/Calendars/ Web Clip

LDAP Connection Settings CalDAV Connection Settings Calendar Connection Settings Web Clip Settings Certificate Payload SCEP Payload CardDAV

APN AP Username AP Password Proxy Server and Port

Connection Name Connection Type Server IP or Name Account Authentication Type Shared Secret Entry Send All Traffic Through VPN Setting Proxy VPN s Supported L2TP/IP PPTP Cisco IPSec Available with Afaria today New Configuration for iOS 4

Devices can be locked and wiped remotely from through commands sent through the Apple push notification service Passcode reset commands can be sent to the device requiring a passcode change Policies and device configurations are reliably applied to the device with status being reported back to the server Enterprise application usage can be revoked Removing managed Exchange credentials removes account and PIM data from the device Able to gate access to Exchange email based upon device policy compliance, time/date of last client connection, and jailbreak status

Accurate and comprehensive asset tracking provides a real time view of current inventory and device status Data is easily accessed through the Afaria console MDM allows a queries to the device that report the following information
Device Info
UDID Device Name iPhone OS and Build Model Name and Number Serial Number Capacity and Space Available IMEI Device Compromised Modem Firmware

Network Info
ICCID BR and Wi-Fi MAC Address Current Carrier Network SIM Carrier Network Carrier Settings Version Phone Number Data Roaming Setting (On.Off)

Applications Installed App ID App Name App Version App and App Data Size Provisioning Profiles Installed Expiry Dates

Compliance and Security

Configuration Profile Installed Certificates Installed List of All Restrictions Enforced Hardware Encryption Capability Passcode Present


Afaria client is downloadable from the App Store Afaria console is equipped to send a configuration message to the device to configure the client connection automatically Client can be manually configured on the device if required Client provides:
Extra jailbreak detection App selection and download Provides Exchange Access Control by optionally requiring the client to connect periodically


iPhone management is part of the Policy and Profile infrastructure Assign apps to profiles that are downloaded through Afaria Client Configuration profiles are now policies within the Afaria console
Create and edit configuration policies in the Afaria console No longer requires iPhone Configuration Utility (iPCU) Ability to import policies from iPCU in the event that new policies are available before they are in Afaria

Send OTA commands to erase, lock the device and reset pass codes using native Apple commands no longer requiring Active Sync View and manage iOS devices in client data views Add, edit, delete client in standard Afaria UI Integrated inventory views, log data and reports displayed in data views


Separation of personal and enterprise information Improved transparency and control

Simplified delivery of enterprise apps

Comprehensive device management

Thank you